From d9c5d378108d48a0cc3a291b22185ed5b2d469ff Mon Sep 17 00:00:00 2001
From: Joshua Arts <josha5@outlook.com>
Date: Thu, 28 Jun 2018 09:35:36 -0400
Subject: [PATCH] correctly handle failed login

---
 app/controllers/sessions_controller.rb | 7 ++++++-
 app/views/main/index.html.erb          | 8 ++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index 8f9b0028..30cdb006 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -1,6 +1,9 @@
 # frozen_string_literal: true
 
 class SessionsController < ApplicationController
+
+  LOGIN_FAILED = "Login failed due to invalid credentials. Are you sure you typed them correctly?"
+
   # GET /users/login
   def new
   end
@@ -14,8 +17,10 @@ class SessionsController < ApplicationController
   # POST /users/login
   def create
     user = User.find_by(email: session_params[:email])
-    if user.&authenticate(session_params[:password])
+    if user&.authenticate(session_params[:password])
       login(user)
+    else
+      redirect_to root_path, notice: LOGIN_FAILED
     end
   end
 
diff --git a/app/views/main/index.html.erb b/app/views/main/index.html.erb
index 07e7646a..5ce4ab45 100644
--- a/app/views/main/index.html.erb
+++ b/app/views/main/index.html.erb
@@ -1,3 +1,11 @@
+<% unless flash.empty? %>
+  <%= render "shared/error_banner" do %>
+    <% flash.each do |key, value| %>
+      <%= content_tag :div, value, class: "flash #{key} d-inline" %>
+    <% end %>
+  <% end %>
+<% end %>
+
 <div class="background landing-section">
   <div class="d-flex align-items-center" style="height: 100%;">
     <div class="container text-center">